ID

VAR-202103-0778


CVE

CVE-2021-1442


TITLE

Cisco IOS XE   Vulnerability related to information disclosure from log files

Trust: 0.8

sources: JVNDB: JVNDB-2021-004761

DESCRIPTION

A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. The vulnerability is due to insufficient protection of sensitive information. An attacker with low privileges could exploit this vulnerability by issuing the diagnostic CLI show pnp profile when a specific PnP listener is enabled on the device. A successful exploit could allow the attacker to obtain a privileged authentication token. This token can be used to send crafted PnP messages and execute privileged commands on the targeted system. Cisco IOS XE Exists in a vulnerability related to information leakage from log files.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Cisco IOS XE Software is an operating system of Cisco (Cisco). A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity

Trust: 2.34

sources: NVD: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374496 // VULMON: CVE-2021-1442

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.3.5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.3s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.8sp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.4.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1y

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.5bs

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.7a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.4a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.9s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.4s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.6

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.11.2ae

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.11.1e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.1csp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.17.1as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.4es

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.1sp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.10.0e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.2as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.10.1ae

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.1.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.7ae

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.2sp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1d

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1t

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.5s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.4e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.2.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.4as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.5sp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.10e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.4e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.10.0ce

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.4.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1f

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.2a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.3sp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.3as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.5a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.9e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.17.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.5be

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.10.3e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.5ae

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.0e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.0as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.6s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.4c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.6e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.1bsp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.6

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.7e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.10s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.9.2be

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1r

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.1gsp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.3e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.4sp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2t

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.2s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.1asp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.4gs

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.7as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.5e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.5e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.10.2e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.7

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.8

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.4a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.1.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1g

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.2asp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.1isp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.3e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.2s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.7s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.10e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.11.1ae

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.4s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.9.2e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.17.4s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.3s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.17.0s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.5as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.3a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.11.2e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.3s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.7sp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.5b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.11

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.1as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.13.9s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.13.10s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.3asp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.2e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.6bs

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.11.0e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.8asp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.1e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.7.4e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.2bs

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.7.5e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.7.3e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.9.1e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.0s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.5b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.6

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.0bs

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.17.2s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.0as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.1.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.7be

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.4.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.10.1e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.0s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.9ae

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.5ae

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.4cs

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.4s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.10

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.17.3s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.1hsp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.2s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.3bsp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.8e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1w

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.7

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1v

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.0cs

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1x

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.6sp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.7e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.7bs

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1z

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.8s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.9

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.8e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.10.1se

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.13.8s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.18.0sp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1d

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.3h

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.10as

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1t

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.4bs

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1d

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.8.9e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.8

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.9.0e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.16.4ds

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.5f

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.6e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.2.1

Trust: 1.0

vendor:シスコシステムズmodel:cisco ios xescope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-004761 // NVD: CVE-2021-1442

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1442
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1442
value: HIGH

Trust: 1.0

NVD: CVE-2021-1442
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202103-1392
value: HIGH

Trust: 0.6

VULHUB: VHN-374496
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-1442
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-1442
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-374496
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1442
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1442
baseSeverity: HIGH
baseScore: 7.0
vectorString: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.0
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: CVE-2021-1442
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-374496 // VULMON: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1392 // NVD: CVE-2021-1442 // NVD: CVE-2021-1442

PROBLEMTYPE DATA

problemtype:CWE-532

Trust: 1.1

problemtype:Information leakage from log files (CWE-532) [ Other ]

Trust: 0.8

sources: VULHUB: VHN-374496 // JVNDB: JVNDB-2021-004761 // NVD: CVE-2021-1442

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202103-1392

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:cisco-sa-ios-xe-pnp-priv-esc-AmG3kuVLurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-pnp-priv-esc-AmG3kuVL

Trust: 0.8

title:Cisco IOS XE Software Repair measures for log information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145535

Trust: 0.6

title:Cisco: Cisco IOS XE Software Plug-and-Play Privilege Escalation Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ios-xe-pnp-priv-esc-AmG3kuVL

Trust: 0.1

sources: VULMON: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202103-1392

EXTERNAL IDS

db:NVDid:CVE-2021-1442

Trust: 2.6

db:JVNid:JVNVU99743643

Trust: 0.8

db:JVNDBid:JVNDB-2021-004761

Trust: 0.8

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021042150

Trust: 0.6

db:CNNVDid:CNNVD-202103-1392

Trust: 0.6

db:VULHUBid:VHN-374496

Trust: 0.1

db:VULMONid:CVE-2021-1442

Trust: 0.1

sources: VULHUB: VHN-374496 // VULMON: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1392 // NVD: CVE-2021-1442

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ios-xe-pnp-priv-esc-amg3kuvl

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2021-1442

Trust: 1.4

url:https://jvn.jp/vu/jvnvu99743643/index.html

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-34940

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042150

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/532.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/198741

Trust: 0.1

sources: VULHUB: VHN-374496 // VULMON: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1392 // NVD: CVE-2021-1442

SOURCES

db:VULHUBid:VHN-374496
db:VULMONid:CVE-2021-1442
db:JVNDBid:JVNDB-2021-004761
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202103-1392
db:NVDid:CVE-2021-1442

LAST UPDATE DATE

2024-08-14T12:06:11.339000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-374496date:2021-03-30T00:00:00
db:VULMONid:CVE-2021-1442date:2021-03-30T00:00:00
db:JVNDBid:JVNDB-2021-004761date:2021-11-29T09:16:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202103-1392date:2021-04-22T00:00:00
db:NVDid:CVE-2021-1442date:2021-03-30T18:24:08.240

SOURCES RELEASE DATE

db:VULHUBid:VHN-374496date:2021-03-24T00:00:00
db:VULMONid:CVE-2021-1442date:2021-03-24T00:00:00
db:JVNDBid:JVNDB-2021-004761date:2021-11-29T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202103-1392date:2021-03-24T00:00:00
db:NVDid:CVE-2021-1442date:2021-03-24T20:15:15.133